CVE-2022-1984

MEDIUM

HYPR Windows WFA <7.2 - Privilege Escalation

Title source: llm

Description

This issue affects: HYPR Windows WFA versions prior to 7.2; Unsafe Deserialization vulnerability in HYPR Workforce Access (WFA) before version 7.2 may allow local authenticated attackers to elevate privileges via a malicious serialized payload.

References (1)

[Vendor Advisory] https://www.hypr.com/security-advisories/

Scores

CVSS v3 4.5

EPSS 0.0014

EPSS Percentile 34.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Classification

CWE

CWE-502

Status published

Affected Products (1)

hypr/workforce_access < 7.3.0

Timeline

Published Jul 19, 2022

Tracked Since Feb 18, 2026